As the information-oriented society develops, the importance of the information security technology for securing safety of information being handled becomes higher. One of the elements of the information security technology is cryptographic technology, and the cryptographic technology is being currently used in various products and systems.
There are various cryptographic processing algorithms, and one of the basic techniques is so-called symmetric-key block cryptography. In symmetric-key block cryptography, the key for encryption and the key for decryption are the same. In both an encrypting operation and a decrypting operation, keys are generated from the common key, and a data converting operation with a certain block data unit such as 64 bits, 128 bits, or 256 bits is repeatedly performed.
Widely known symmetric-key block cryptographic algorithms include DES (Data Encryption Standard), which is a former standard in the U.S., and AES (Advanced Encryption Standard), which is the current standard in the U.S. Other various symmetric-key block cryptographic techniques are still being suggested today, and CLEFIA, which was suggested by Sony Corporation in 2007, is also one of symmetric-key block cryptographic techniques.
Such a symmetric-key block cryptographic algorithm is formed mainly with a cryptographic processing unit that has a round-function executing unit that repeatedly converts input data, and a key scheduling unit that generates round keys to be used in the respective rounds of round function units. The key scheduling unit first generates an enlarged key with an increased number of bits based on a master key (a main key) that is a secret key, and then generates round keys (sub keys) to be used in the respective round function units of the cryptographic processing unit based on the generated enlarged key.
As a specific structure that executes such an algorithm, there is a known structure that repeatedly executes a round function including a linear transformation unit and a nonlinear transformation unit. Typical example structures include a Feistel structure and a generalized Feistel structure. A Feistel structure and a generalized Feistel structure each have a structure that transforms a plain text into a cipher text through a simple repetition of a round function including F-functions as data conversion functions. In each F-function, linear transformation and nonlinear transformation are performed. Non-Patent Document 1 and Non-Patent Document 2 are examples of documents that disclose cryptographic processing using a Feistel structure.
One of the indications used in evaluating security of block encryption is diffusion properties. The properties can be regarded as properties that spread (or diffuse) input data changes into output data, and, in secure block encryption, influence of such changes in the input data is expected to be transmitted to the output data as fast as possible.
It can be predicted that, to improve diffusion properties, an increase in the number of round function repetitions will be effective, for example. However, there are no conventional techniques disclosed to improve diffusion properties with a smaller number of round-function repetitions.